11 remotely exploitable vulnerabilities in the VxWorks TCP/IP stack

Security researchers from Armis have disclosed information about 11 vulnerabilities (PDF) in the IPnet TCP/IP stack used in the VxWorks operating system. The issues are codenamed "URGENT/11". The vulnerabilities can be exploited remotely by sending specially crafted network packets; for some of the issues, an attack is possible even when the device is reached through firewalls and NAT (for example, if the attacker controls a DNS server that is contacted by a vulnerable device located on the internal network).

Six of the issues can lead to execution of attacker code when incorrectly set IP or TCP options in a packet are processed, as well as when DHCP packets are handled. Five issues are less dangerous and can lead to information leakage or DoS attacks. Disclosure of the vulnerabilities was coordinated with Wind River, and the latest release, VxWorks 7 SR0620, published last week, already fixes the issues.

Since each vulnerability affects a different part of the network stack, the issues may be specific to particular releases, but it is stated that every version of VxWorks since 6.5 has at least one remote code execution vulnerability. At the same time, a separate exploit has to be created for each variant of VxWorks. According to Armis, the problem affects about 200 million devices, including industrial and medical equipment, routers, VoIP phones, firewalls, printers and various Internet of Things devices.

Wind River believes that this figure is overestimated and that the problem affects only a relatively small number of non-critical devices which, as a rule, are confined to the internal corporate network. The IPnet network stack was available only in selected editions of VxWorks, including releases that are no longer supported (before 6.5). Devices based on the VxWorks 653 and VxWorks Cert Edition platforms, which are used in critical areas (industrial robots, automotive and aviation electronics), are not affected by the issues.

Armis representatives believe that, because vulnerable devices are difficult to update, worms may appear that infect local networks and attack the most popular categories of vulnerable devices en masse. For example, some devices, such as medical and industrial equipment, require re-certification and extensive testing when their firmware is updated, which makes updating them difficult.

Wind River believes that in such cases the risk of compromise can be reduced by enabling built-in security features such as a non-executable stack, stack overflow protection, system call restriction and process isolation. Protection can also be provided by adding attack-blocking signatures to firewalls and intrusion prevention systems, as well as by restricting network access to the device to the internal security perimeter only.

Source: opennet.ru